Marius Mutu
495790411f
Add docTR as primary OCR engine with 2-tier sequential processing, OCR metrics tracking, and simplified engine selection. Features: - docTR OCR engine with light+medium preprocessing tiers - doctr_plus mode with early exit optimization (~65% fast path) - OCR metrics dashboard with per-engine statistics - User OCR preference persistence - Parallel worker pool for OCR processing - Cross-validation for extraction quality Engine options: tesseract, doctr, doctr_plus (recommended), paddleocr 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
169 lines
6.0 KiB
Plaintext
169 lines
6.0 KiB
Plaintext
# ============================================================================
|
|
# ROA2WEB Unified Backend - Environment Configuration (PRODUCTION)
|
|
# ============================================================================
|
|
# Single backend process serving Reports, Data Entry, and Telegram modules
|
|
# IMPORTANT: This is a TEMPLATE - fill in production values before deploying!
|
|
|
|
# ============================================================================
|
|
# ORACLE DATABASE CONFIGURATION (REQUIRED - Shared by all modules)
|
|
# ============================================================================
|
|
# Connection to CONTAFIN_ORACLE schema for authentication and user management
|
|
# PRODUCTION: Direct connection to Oracle server (no SSH tunnel)
|
|
|
|
ORACLE_USER=CONTAFIN_ORACLE
|
|
ORACLE_PASSWORD=CHANGE_IN_PRODUCTION
|
|
ORACLE_HOST=localhost
|
|
ORACLE_PORT=1526
|
|
ORACLE_SID=ROA
|
|
|
|
# ============================================================================
|
|
# JWT AUTHENTICATION (REQUIRED - Shared by all modules)
|
|
# ============================================================================
|
|
# CRITICAL: Generate new secrets for production!
|
|
# python3 -c "import secrets; print(secrets.token_urlsafe(32))"
|
|
|
|
JWT_SECRET_KEY=GENERATE_NEW_SECRET_FOR_PRODUCTION
|
|
JWT_ALGORITHM=HS256
|
|
|
|
# Token expiration settings
|
|
ACCESS_TOKEN_EXPIRE_MINUTES=30
|
|
REFRESH_TOKEN_EXPIRE_DAYS=7
|
|
|
|
# ============================================================================
|
|
# SESSION SECURITY - EMAIL 2FA (REQUIRED for Telegram email login)
|
|
# ============================================================================
|
|
# CRITICAL: Generate new secret for production!
|
|
# python3 -c "import secrets; print(secrets.token_urlsafe(32))"
|
|
|
|
AUTH_SESSION_SECRET=GENERATE_NEW_SECRET_FOR_PRODUCTION
|
|
|
|
# ============================================================================
|
|
# SERVER CONFIGURATION
|
|
# ============================================================================
|
|
# Unified backend server settings
|
|
|
|
API_HOST=0.0.0.0
|
|
API_PORT=8000
|
|
DEBUG=false
|
|
|
|
# CORS Origins (comma-separated) - Update with production frontend URL
|
|
CORS_ORIGINS=https://your-production-domain.com,http://localhost:3000
|
|
|
|
# ============================================================================
|
|
# REPORTS MODULE - CACHE CONFIGURATION (OPTIONAL - defaults provided)
|
|
# ============================================================================
|
|
# Two-tier hybrid cache system (L1: in-memory LRU, L2: SQLite persistent)
|
|
|
|
# Core Settings
|
|
CACHE_ENABLED=True
|
|
CACHE_TYPE=hybrid
|
|
CACHE_SQLITE_PATH=./data/cache/roa2web_cache_prod.db
|
|
CACHE_MEMORY_MAX_SIZE=1000
|
|
CACHE_DEFAULT_TTL=900
|
|
|
|
# TTL per Cache Type (seconds)
|
|
CACHE_TTL_SCHEMA=86400
|
|
CACHE_TTL_COMPANIES=1800
|
|
CACHE_TTL_DASHBOARD_SUMMARY=1800
|
|
CACHE_TTL_DASHBOARD_TRENDS=1800
|
|
CACHE_TTL_INVOICES=600
|
|
CACHE_TTL_INVOICES_SUMMARY=900
|
|
CACHE_TTL_TREASURY=600
|
|
|
|
# Maintenance
|
|
CACHE_CLEANUP_INTERVAL=3600
|
|
|
|
# Event-Based Invalidation (experimental)
|
|
CACHE_AUTO_INVALIDATE=False
|
|
CACHE_CHECK_INTERVAL=300
|
|
|
|
# Performance Tracking
|
|
CACHE_TRACK_PERFORMANCE=True
|
|
CACHE_BENCHMARK_ON_STARTUP=False
|
|
|
|
# ============================================================================
|
|
# DATA ENTRY MODULE - CONFIGURATION
|
|
# ============================================================================
|
|
# Data Entry module settings (receipts, OCR, etc.)
|
|
|
|
# Environment identifier
|
|
ORACLE_ENV=prod
|
|
|
|
# SQLite Database (production)
|
|
SQLITE_DATABASE_PATH=data/receipts/receipts_prod.db
|
|
|
|
# File uploads
|
|
UPLOAD_PATH=data/receipts/uploads
|
|
MAX_UPLOAD_SIZE_MB=10
|
|
|
|
# ============================================================================
|
|
# OCR ENGINE CONFIGURATION
|
|
# ============================================================================
|
|
# Control which OCR engines are loaded at startup.
|
|
# Disabling engines saves memory but limits available OCR modes.
|
|
|
|
# Enable/disable PaddleOCR (set to 'false' to save ~800MB RAM)
|
|
# When disabled: 'paddleocr' engine unavailable
|
|
# PRODUCTION: Set based on server memory availability
|
|
OCR_ENABLE_PADDLEOCR=false
|
|
|
|
# Enable/disable Tesseract (set to 'false' to save ~50MB RAM)
|
|
# When disabled: 'tesseract' engine unavailable
|
|
OCR_ENABLE_TESSERACT=true
|
|
|
|
# Default OCR engine when not specified in request
|
|
# Options: tesseract, doctr, doctr_plus, paddleocr
|
|
# Recommended: doctr_plus (2-tier sequential with early exit)
|
|
OCR_DEFAULT_ENGINE=doctr_plus
|
|
|
|
# OCR Worker Pool Configuration
|
|
# Number of parallel OCR workers (each loads ~1GB for docTR)
|
|
# Recommended: 2 for 8GB RAM, 3 for 16GB RAM
|
|
OCR_WORKERS=2
|
|
|
|
# Max tasks per worker before restart (0 = no restart, saves 40-60s warmup time)
|
|
# Set to 0 for testing, 10-20 for production (prevents memory leaks)
|
|
OCR_MAX_TASKS_PER_CHILD=0
|
|
|
|
# ============================================================================
|
|
# TELEGRAM MODULE - BOT CONFIGURATION (REQUIRED for Telegram features)
|
|
# ============================================================================
|
|
# Obtain bot token from @BotFather on Telegram
|
|
# CRITICAL: Use production bot token, not development!
|
|
|
|
TELEGRAM_BOT_TOKEN=your_bot_token_from_botfather
|
|
|
|
# Backend URL for bot to communicate with API
|
|
BACKEND_URL=http://localhost:8000
|
|
|
|
# Internal API port (bot's internal API for backend callbacks)
|
|
INTERNAL_API_PORT=8002
|
|
|
|
# Enable internal API documentation (DISABLE in production!)
|
|
ENABLE_DOCS=false
|
|
|
|
# ============================================================================
|
|
# TELEGRAM MODULE - EMAIL AUTHENTICATION (SMTP) (REQUIRED for email 2FA)
|
|
# ============================================================================
|
|
# CRITICAL: Update with production SMTP credentials
|
|
|
|
# SMTP Server Configuration
|
|
SMTP_HOST=mail.romfast.ro
|
|
SMTP_PORT=587
|
|
SMTP_USER=ups@romfast.ro
|
|
SMTP_PASSWORD=CHANGE_IN_PRODUCTION
|
|
SMTP_FROM_EMAIL=ups@romfast.ro
|
|
SMTP_FROM_NAME=ROA2WEB
|
|
SMTP_USE_TLS=true
|
|
|
|
# Email Retry Settings
|
|
EMAIL_MAX_RETRIES=3
|
|
EMAIL_RETRY_DELAY=2.0
|
|
|
|
# ============================================================================
|
|
# TELEGRAM MODULE - DATABASE (SQLite for bot data)
|
|
# ============================================================================
|
|
# Separate SQLite database for Telegram bot auth codes and sessions
|
|
|
|
TELEGRAM_SQLITE_DATABASE_PATH=data/telegram/telegram_prod.db
|